How NOT to Investigate Questionable Online Behavior

pexels-photo-534204We are being inundated with news of high profile misconduct incidents, notably sexual assault and/or harassment. Many of the reports pertain to dated allegations and most if not, all were never officially reported to the authorities. However, there is one recent case involving 9th Circuit federal Judge Alex Kozinski that did have an “official” inquiry and highlights how NOT to investigate an online case.

Background

Washington Post journalist Matt Zapotosky reported on December 8, 2017,  that Judge Kozinski had allegedly sexually harass court employees. Specifically, he would show porn to staff and ask for their input, including whether it excited them. He also allegedly made sexual suggestive comments, like publicly telling a female court employee she you should workout naked. These incidents were never reported for fear that there would be reprisals from the powerful judge.

However, as noted by Zapotosky the judge was investigated in 2008 for misconduct of a sexual nature.  I would argue that had this investigation been conducted differently it could very well have lead to his undoing and may have detected or prevented conduct that has since been discovered.

The 2008 misconduct came to light after the LA Times ran a story  that Judge Kozinski was running a public website that maintained pornography. By they way this was not just any pornography but involved images which included;

a photo of naked women on all fours painted to look like cows and a video of a half-dressed man cavorting with a sexually aroused farm animal.”

At the time Judge Kozinski was presiding over an obscenity case. After the LA Time story appeared Judge Kozinski declared a mistrial and recuse himself. He also reported his conduct for investigation by the 9th Circuit Judicial Conference.

The matter ended up being investigated by a committee in the 3rd Circuit and not the 9th Circuit, which is kind of interesting. Why that circuit? Why not another? I will get back to that later. Judge Anthony J. Scirica was chair of the committee charged with doing the investigation and noted they completed the following investigative steps:

… by making written and telephonic inquiries; reviewing relevant documents and the image, audio, and video files provided by the Judge; engaging a consultant to advise the Special Committee on certain computer technology issues; and examining the Judge in person, under oath, and on the record.’

pexels-photo-207580The thing that stands out in all this is no one apparently actually examined Judge Kozinski’s server. Let me repeat that for a moment. The case involved a website and no digital evidence was apparently independently collected or forensically examined.  They took the judge’s word for what was on it and received images he provided. There was no forensic examination of this server, which might shed light on the following:

  • What exactly was on the sever, was it legal or illegal pornography?
  • Who accessed the sever and when? (Such as during normal court business hours)
  • More specifically were pornographic images on the server accessed during court hours and by someone working in the judiciary?

Equally troubling is the investigating committee never bothered to ask the 9th Circuit Court for information on whether court systems were used to access Judge Kozinski’s server. We know he admitted that he used the server for sharing files with other judges etc. but we have only his word on what was shared and accessed.

The 9th Circuit system could have provided independent information about what was shared/accessed and when. Imagine how this information might shed a bright light on the allegations being made today. For instance, the 9th Circuit court might have shown that their systems were used to access the judge’s server on a specific time and location (directory). Which would have raised questions about what was accessed and by whom and why.  Remember we now have allegations that the Judge Kozinski was accessing pornography and showing it to court employees.

By examining the 9th Circuit systems in 2008, there might have been evidence of sexual harassment. For instance, logs might have reflected that the court’s systems were used to access the judge’s server at 10:00 a.m. on a workday and the access was to a specific directory and/or file. What was in that directory and what was the file? Was it the judge and who was he with at the time? But those inquires were not made because they never apparently thought computer logs were important in an investigation concerning a website.

At a minimum, one would have thought the investigation would have asked the 9th Circuit for an examination of Judge Kozinski’s work computer to see when and how it interacted with his server. Again, this might have shown access to directories and files that might lead to inquiries of a more troubling nature for the judge.

The investigative report reflects actual digital evidence was not as important as Judge Kozinski’s “unbiased” statements on what occurred. This case had all the earmarks of something requiring computer forensics but that was not done. Imagine any obscenity or child pornography investigation only being conducted by asking the target what they did.

Now one might argue that Judge Scirica committee was trying to be narrow the investigation’s scope and only asking questions pertaining to certain issues. They didn’t want to pry into his personal or private life. Equally compelling is that Judge Sciricia did not want to push the issue about accessing the judge’s work computer and the 9th Circuit system as Judge Kozinski was at the forefront of forcibly objecting to Internet monitoring of judges as reflected by the LA Times in 2001.

Gee, we can only speculate now why he was objecting to monitoring. Maybe, that was why he had the personal server in the first place. He could access porn without fear of an alert because his sever did not have “porn” titles in files and directories that would triggered a notification by a monitoring program.  He noted in his sworn testify that he did not maintain images with suggestive titles making it a tough task to remove porn from various directories. Maybe that was to avoid getting caught looking at porn during working hours.

The accommodation given to Judge Kozinski is the exact opposite of how a Sixth Circuit misconduct committee operated in Judge John Adam’s case. His case centered not on sexual misconduct or financial/ethical concerns but that he was considered recalcitrant by a small minority of his judicial colleagues. Judge Scirica was also involved in a review of that investigation. His committee agreed that is was entirely appropriate for the Sixth Circuit tribunal to demand Judge Adams’ medical records as well as order him to submit to a mental health evaluation as they had broad investigative authority.

So, under Judge Sciria’s thinking it is okay to expand an investigation into one judge’s medical records and compel a mental health evaluation, but it is not appropriate or justified to look at another judge’s work computer and/or personal server concerning inappropriate online conduct. Am I the only one puzzled by that reasoning?

As a side, why agree that Judge Adams should be subject to a mental health evaluation for conduct that basically centers around him being independent minded with his colleagues but not suggesting or ordering a mental health evaluation for a judge who apparently was maintaining images that had an obscene if not bestiality theme? It is any wonder that Judge Adams, with the support of Judicial Watch, has filed suit to have the law allowing such disparate and unjustified actions by the judicial branch declared unconstitutional.

Now recall I mentioned that Judge Scirica is in the 3rd Circuit and Judge Kozinski is in the 9th Circuit. Well Judge Adams is in the 6th Circuit. Considering the apparent differences in how Judge Scirica operates in two different cases one must wonder if his investigative actives are “picked” not based upon his record of thoroughness but on his track record of steering the investigation to the desired conclusion. Based upon the allegations now being made against Judge Kozinski, one can only speculate that these newly disclosed victims could have been spared had a proper and through inquiry been completed in 2008 by Judge Scirica and his committee.

It is troubling that the 2008 “investigation” was completed by a federal judiciary body that should have known better. Investigations involving computer activity must involve the independent forensic collection of all available digital evidence and the examination of that evidence in a forensic manner. To do otherwise is call into question the legitimacy of the activity and the motives of the parties involved. Judge Scirica’s involvement in these two cases support that the judiciary cannot police itself. An independent Inspector General’s Office, with investigative procedures and protocols, needs enacted to ensure that the public is objectively protected against individuals who are appointed for life. On that note I left a cigar lit somewhere. Take care.

Advertisements

A Case of Cyberstalking or Cyber-Annoyance?

A story recently caught my eye from woman noting how she has been a cyberstalking victim for “15 years.”  My first impression was how could this be and her victimization must be stopped.  However, upon critical examination the catchy headline is really not supported by the story’s content.  In some ways, the woman is quick to criticize the law enforcement response to her plight, which I believe is somewhat misdirected. Based upon the information she provided it is clear she is a victim but the duration and the illegality of the situation is being overstated.

Let me first say that this woman notes in the article that her stalker, “Danny,” had made no “threats of violence.” His conduct has been of a harassing nature. This is important. Under the federal cyberstalking statute, “cyberstalking” includes any course of conduct or series of acts taken by the perpetrator on the Internet that place the victim in reasonable fear of death or serious bodily injury, or causes, attempts to cause, or would be reasonably expected to cause substantial emotional distress to the victim or the victim’s immediate family (See 18 U.S.C. § 2261A and Blanch and Hsu).  Based upon the women’s story we are limited to conduct that would reasonably expected to cause … “substantial emotional distress.”

The second issue is the victim has known Danny for 15 years. Not all of those years of interaction could be termed “harassment” in a legal sense, let alone stalking. She indicated that she started interaction with Danny when she was 12 and he was 14.  At first the interaction appears to have been mutual but he became too obsessive, so she blocked him. I am not sure if she told him to buzz off or just blocked him. If she just blocked him without telling him to stop then he might not have realized she had enough. We know from her article that she blocked him sometime in high school.

In about 2006, Danny sees her on Facebook and sends her a “friend” request, which she accepts.  If she felt the previous interactions were that disturbing why in heavens name did she accept?  We clearly are running into difficulty equating her response as indicative of someone who suffered “substantial emotional distress.”

Danny shows up unexpected and she agrees to have coffee with him, accepts his gift, and interacts with him. Does she block him from Facebook afterwards? No, she continues to allow him to send messages to her and have him as a Facebook friend until 2012. So for six years she keeps him as a Facebook friend. Again, is that indicative of someone suffering “substantial emotional distress?”

Finally, for the first time in 2012, she tells him to mediate his behavior noting in part… “sent him a message asking him to please stop messaging me so much or I’d block him.” He continues to send messages and she FINALLY blocks him.   Note, that she was willing to continue him being a friend, provided he quit sending so many messages.

From then on, the situation has gotten to what is clearly negative and indicative of harassment. In short, this is a case were possible criminal conduct has been going on for really about four or five years, not fifteen years, as she portrays.

Finally, she decides to make an official police report and goes to some lengths to point out law enforcement’s apparent ineptitude.  She goes so far as citing New York penal code, on cyberstalking, noting Danny’s conduct was “…is likely to cause such person to reasonably fear that his or her employment, business or career is threatened, where such conduct consists of appearing, telephoning or initiating communication or contact at such person’s place of employment or business.” I believe based upon her version of events that his conduct likely does fit this particular statutory element. Ironically, the women also included in her story an additional statutory element … “the actor was previously clearly informed to cease that conduct.”  She then glosses over the second element concluding that law enforcement was wrong in telling her no crime was committed.  The problem is for a crime to be successfully prosecuted ALL elements must be proven.

However, her own facts fail to support that her harasser was “clearly informed” to cease his conduct. Sure, she blocks Danny on AOL, only to later accept his friend request on Facebook.  We have one incident where she tells him to stop sending so many messages or she will block in on Facebook. She later blocks him after he sends more messages.  After that she appears to accept his conduct and there is no indication in her story that she told Danny in clear terms to stop communication with her in any manner.  She knows him after all and could send him a letter, instant message, or email to stop communicating and to cease all interaction. The article does not mention her sending him a “cease” notice.  Under federal cyberstalking the “cease” notice could also be evidence to establish that Danny was causing her “substantial emotional distress.”

The writer goes on to discuss her interactions with several legal scholars who conclude that law enforcement doesn’t know how to deal with cyberstalking/harassing cases.  Law enforcement does have to work on its cybercrime responses. In this case, I think the victim should have been directed to tell “Danny” in clear terms stop contacting and harassing the victim.  Law enforcement has been known to also reach out to the harassing person, if identified, to cease and decease their behavior or they will take action. Obviously, any such notification should be documented.   Additionally, it should have been reinforced that she should stop communication with him after that notice was provided. No more accepting his friend requests, etc.

I think in fairness to law enforcement, they are focused on acts which are threatening of person or property. If she had evidence of threats of harm or Danny’s acts were clearly causing her emotional distress, such as occurs with revenge porn or forwarding obscene material, they would have been more aggressive in their response.  Another indication that would have shown the communication was causing emotional distress was it if was from an unknown person. However, the victim knew it was Danny and from her tone she just found him to be a growing annoyance. I don’t think our only response as citizens to non-threatening annoyances from individuals we know is to call the police.

Documentation of the communication and interactions is just one prong to helping law enforcement.  But like law enforcement, victims also have to learn how to deal with cyber misbehavior in a manner that either ends the troubling conduct or results in situations where law enforcement and prosecutors can go after the cybercriminal.  Nipping an annoyance with clear notification to a person that their communication is unwanted and to cease, may stop the activity before it escalates to something much more serious. Who@ (Working to Halt Online Abuse) provides the following advice on such notices:

Generally speaking, it is unwise to communicate with a harasser. However, as soon as you determine that you are truly being harassed by someone, you must very clearly tell that person to stop. Simply say something like “Do not contact me in any way in the future” and leave it there. You do not need to explain why, just state that you do not want the person to contact you.

This simple notice to stop provides evidence any reasonable person can interpret that a victim finds the interaction distressing. I have included links to additional resources for individuals being victimized below. On that note, I left a cigar lit somewhere.

 

PS: The victim noted that Danny’s lawyer called her and indicated that he would stop all communication. She noted that Danny’s lawyer would not tell her if he had harassed other victims, citing attorney client privilege. Danny’s lawyer contacting her may well have been the result of her formal law enforcement compliant, which was found during a probation officer’s investigation if Danny caught a criminal cyberstalking or harassment case.  If true, law enforcement may have indirectly helped the victim by documenting her concerns. The victim could do a search of Danny’s true name through online court records to determine if he had a criminal case. If Danny has such a criminal case she could reach out to the Court and/or probation office to insure they were aware of her plight as a further preventive step.  If he is on supervision he can be ordered to cease contact or face a sanction (location monitoring, jail time, etc.)

Some Resources

Stalking Resource Center

Who@ (Working to Halt Online Abuse)

WomensLaw.org

 

Hey Lets be “Friends”: Why Police Need to be Careful with Personal Cell Phones

Well it happened again. You know what we are talking about. A police officer either issues a ticket or arrests someone, and the suspect concludes it is a good idea to go to Facebook and make a threat against the officer.  This time it happened in Jackson County, MI, when Joey Jason Holliman allegedly posted a threatening message on Officer Michael Strickland’s timeline shortly after being ticketed Wednesday.

We don’t know how Holliman located Officer Strickland’s profile.  It may be that Officer Strickland didn’t set his privacy settings properly. For instance, he may have allowed search engines to index his profile, a feature that can be turned off rather easily.

But then again it might not have anything to do with the settings. Let us explain. About two weeks ago, I started seeing individuals appear in my suggested friends page that should not be there. For instance, offenders that I supervised and had sent to prison. Todd and I discussed how this might happen. We ruled out that I had searched for them with my profile or I had their telephone number in my personal address book.  I theorized that they may have searched for me. Even though they couldn’t find me as my privacy setting was locked down, Facebook, thought I might want to connect with them, so it suggested them as possible “friends.” How helpful! (We haven’t ruled that theory out yet.)

However, it appears there is another possibility that is even more troubling. If two Facebook users connect to Facebook from the same IP subnet or they are using Facebook on their cell phone from near-overlapping geocodes, the social networking site assumes the users are “friends” or potential “friends.” Yep, you guessed. It then populates the suggested “friends” to both users.  How nice!

In the ticket incident above, if both Holliman and Officer Stickland had cell phones on, with Facebook connecting to the Internet, they would have likely been using an overlapping geocode.  Even if Holliman’s didn’t remember Stickland’s name, Facebook would likely have suggested him as a potential “friend.”

Many of us carry our personal cell phones on our person in the field.  We also have them in our office.   But by allowing Facebook to connect to the Internet from our cell phones, we are exposing ourselves to “friend” suggestions from those we would prefer not know we even have a Facebook profile.  How many times do those of us in law enforcement go into high crime areas with criminals nearby with cell phones on their person? How many times do suspects have cell phones on their person in police waiting areas or outside courtrooms? Do we really want our Facebook profile offered up as a “friend” suggestion to EVERYONE?  Unfortunately, Facebook does not offer restrictions on appearing in “friend” suggestion lists.

It would seem the solution is to turn off one’s geolocation  (Suggestions can be found here). But, this would seem only to limit Facebook from sharing it with other users. This suggestion does not prevent Facebook from gathering your geolocation and using it for its own purposes, such as in suggesting “friends” in the same area.  The really only secure why to stop this is not have Facebook installed on your phone OR at a minimum limiting your cell phone/Internet usage. For instance, turning it on when needed and turning if off when not in use.  This way it is not consistently connected to the Internet, looking for “friends.”  Additionally, limit or eliminate your cell phone/Internet usage in “high “risk” areas, such as where you might run into someone you are going to arrest, are arresting, and/or did arrest. Finally, individuals involved in law enforcement must be continually vigilant to how their personal devices may be inadvertently “leaking” information to other devices in a way that poses a risk to them and their loved ones. Of course, that is really sound advice for all of us, regardless of our occupations. On that note I left a cigar lit somewhere.

Riddle Me this Batman: Doing Google Search Warrants

One of the unique aspects of my “job” is I get to see investigative reports on various cases and how they develop. Recently, I was looking at the investigative efforts of an agency on a child porn case. It was a simple case really. The suspect used a gmail account to send illegal images to a covert account, which also happened to be a gmail account. But I have my questions.

The investigative agency got a search warrant and served it on Google. However, for some reason the matter was not sealed. If one searches the gmail account name you can actually still find the case which references the search warrant, i.e., USA v. actual name of the gmail account.

Yeah, big problem Batman. And guess what? The suspect went missing for a year. First question, why was the search application not sealed in this day in age, particularly on a case seeking a search warrant an email account? I am just guessing but maybe this suspect did a Google search on his email or even had an alert set up to notify him when his email showed up on the web. Hence, the reason he was missing for a year.

Next few questions in this case revolve around the search warrant affidavit and what they were seeking. In this case they only asked for “the email account”, which apparently is all they got. They got email to and from the suspect and their attachments. This was the meat of the issue and showed he sent and received illegal images. However, why didn’t they seek and obtain other aspects of the Google account in their application?

Specifically, they interacted with this suspect via email from another gmail account. Why not have also interacted with him using Google chat function too? It is after all highly likely that this suspect also used Google’s chat service to trade child porn, if not worse. Additionally, what about asking for everything on the Google drive too? I mean, individuals don’t just store data on hard drives now. Why not also explain that law enforcement also needed data from this subject’s Google drive in the search application?

Additionally, individuals often times will search via Google while they are signed into their account. Guess what? Google will frequently have that history saved. Won’t it be good to also have that evidence that subject was searching for these images too?
These last two questions, concerning the Google drive and the search history, become particularly important when we consider that when they found this suspect his computer was long gone. Sure they have the emails messages and attachments sent back and forth. But is it possible that he still has images saved in his Google drive?

Additionally, this suspect initially claimed his account was “hacked.” One way to overcome the “hacked” defense is the person was doing other activity at the time they were looking for porn. For instance, one minute he is looking for an address for a job and the next he is surfing for porn followed by searching for a car part etc. Also, having the IP address from where the account was accessed during the email and browsing sessions would also have been helpful to defeat the hacker defense, particular as they didn’t have the suspect’s computer. Thankfully, he later admitted he was using the account to trade child porn and dropped the hacker defense.

Final question is they apparently never went back and got search warrants for the original Google account and additional email accounts after his admission over a year later. Do we really believe that he only traded child porn for a two month period? With his admission and the evidence already gathered it appears that there would be plenty of probable cause, which wasn’t stale, to get additional search warrants for these accounts. I get that they had plenty of evidence but shouldn’t they make sure they checked these accounts again. We don’t stop searching a building because we found drugs in one room. What if there were more than just additional images in those accounts, such as evidence that he was involved in molesting a child?

Granted I am playing arm chair detective here and they have the guy. My point to all this is we need to start looking at Google as more than just an email service. It is cloud storage provider and in many ways contains as much and maybe more pieces of electronic evidence than a traditional computer. So Batman, what you think? On that note, I left a cigar lit somewhere.

Silk Road 2.0: A Cheap Imitation of the Original

Last week it was announced that law enforcement had again taken down illegal Tor markets. Kudos to law enforcement on their apparent success! Although, they took down several such online market places, the one that caught everyone’s attention was Silk Road 2.0, the heir apparent to the original, shut down a little over a year ago. But has anyone really compared the original Silk Road to 2.0? It appears that 2.0 is a cheap knock off or imitation.

The Original

The first Silk Road was in operation from approximately February 2011 to October 2013, roughly 32 months. It reportedly had total sales of about $1.2 billion, earning $80 million in commissions. It also had over 13,000 in drug listings. When it was initially shut down, 26,000 Bitcoins (BTC) were seized from Silk Road accounts, worth approximately $3.6 million at the time. However, there was also 144,000 BTC, or about $28 million, seized from the purported mastermind. We have little information that it was every hacked, at least to any great extent. We have no information to date its fall was due to an undercover agent working on the inside.

Silk Road 2.0

Silk Road 2.0, operated from about November 2013 to October 2014, roughly about 12 months. One particular month’s sales were noted at $8 million. At a 5% commission, this earned the illegal business about $400,000. However, we can’t say they averaged $8 million a month. In fact, shortly after Silk Road 2.0 start-up it was hacked, losing about $1.5 million in BTC. It reportedly had drug listings of about 14,024. We have information that only about $1 million has been seized at the present time. Finally, the complaint reflects that early on an undercover agent was on board, working with the supposedly more “secure” management team.

Looking at longevity, total sales, and amount seized Silk Road 2.0 pales in comparison to the original. The only area Silk Road 2.0 appears to exceeded the original in was total drug listings. However, more listings did not translate into more money. To be fair to Silk Road 2.0, they clearly had more competition than the original. But I think that success is all negated when one considers they were hacked and had an undercover agent working on the inside.

Now we have news that Silk Road 3.0 has started up. Maybe someone should point out to the new Dread Pirate Roberts that this franchise appears to be a dead end. You can’t spend all those earned BTC commissions very well in prison, particularly if they end up being seized. One thing I would point out though, which kind of sends chills up my spine. Both Silk Road and 2.0, were not run by career drug dealers. They were run by tech savvy individuals, with no brick and mortar drug dealing expertise. With the kind of money being made it will not be long, if it hasn’t happened already, that a traditional drug dealer or gang will decide to go “high tech” into Tor’s marketplace. When that happens, this so called “safe” online market place will become a lot more dangerous for those involved. On that thought, I left a cigar lit somewhere.

Additional Reading

More Than 400 .Onion Addresses, Including Dozens of ‘Dark Market’ Sites, Targeted as Part of Global Enforcement Action on Tor Network

Operator of Silk Road 2.0 Website Charged in Manhattan Federal Court

Original Silk Road Complaint

Silk 2.0 Complaint

Silk Road 3.0 Opens for Business

The FBI’s Plan For The Millions Worth Of Bitcoins Seized From Silk Road

Digital Domestic Violence

“Stranger danger” has been used frequently to describe online threats, particularly those facing minors. However, one of the most serious digital dangers facing some individuals is posed by those who likely know the Internet user the best, such as a former spouse or significant other. Increasing domestic abusers are turning to technology to harass, threaten, and/or stalk their victims. This has become known as “digital domestic violence.” Use of technology to stalk or harass, has been since almost since the Internet’s inception. In the mid-1990’s, we started seeing the term “cyberstalking” and cyber harassment being coined in recognition of how individuals were using electronic communications to victimize others. Digital domestic violence (DDV) is more narrowly focused on those who use technology against a former girl/boyfriend or spouse. It can include using the Internet to:

  • Research methods and means to harass or stalk their victims;
  • Keep track and follow their victim’s movements and habits, frequently by accessing social media, either with or without global positioning information;
  • Transmitting and/or accessing computer monitoring software reports installed on victim’s computer or devices;
  • Transmit actual threats or harassment towards their victim; and
  • Facilitate the use of other technologies in DDV, such as GPS trackers, cell phone tracking, and remote video/audio surveillance.

One’s former significant other or spouse, is in a unique position to wreak digital chaos on their victim’s lives. This is because of trust. The victim at some point in the relationship likely trusted their future attacker. With trust can come access to the victim’s computer and/or mobile devices. Prior to the relationship’s termination, the offender may have searched the device, viewing browsing history, e-mails, text messages, etc. They may have also left their e-mail account or social media profile opened. This access also may have allowed the future attacker to install monitoring software unbeknownst to the victim. Monitoring software by the way is very easy to install on computers and mobile devices. It is rather inexpensive, free versions are available, and depending upon the vendor, the results can be reviewed via the Internet, without direct access to the device that it is installed on.

Even if the victim did not provide access to their devices, they may have accessed their e-mail and/or social media from their future attacker’s own device. It isn’t that uncommon for a trusting girlfriend to check on their social media profile or e-mail via their boyfriend’s lap top or computer. They might not have been completely logged off when they were done, allowing the boyfriend to gain access. Even if they did log off, depending upon the offender’s technical sophistication, the password may be able to be recovered from their system at a later date. An unsophisticated offender may have even installed monitoring software on their own computer to capture passwords of unsuspected users for later retrieval. These are not the only methods to gain access to a victim’s digital life. Other cyber-criminal’s rely on methods, such as social engineering, to get passwords. Because of trust, a future attacker, may know their victim’s passwords to e-mail accounts and social media profiles. DDV offenders unlike strangers, know their victims, their friends, their habits, their history, etc.. If they don’t know the passwords, they likely know the answers to challenge questions to reset them. They know a lot about their victims, which can be used to trick them into providing information, getting them to install a program, such as monitoring software, or unknowingly add them as an “old” school friend in their social media circle. Other DDV offenders focus at the start with more direct methods of harassment and/or threats, such as sending messages or posting on social media profiles.

Victims should make sure to print out or take screen shots of all harassing or threatening messages so they can be provided to law enforcement. These posts can be quickly dealt with by reports to law enforcement and service providers and electronically blocking the offender from sending or posting messages. However, if the DDV offender still manages to electronically get to their victim, it may be that they have gotten access to the victim’s accounts and/or installed monitoring software. At a minimum, individuals involved in a bad break up with no violence, need to change all passwords to all accounts. They should also consider removing their former partner from their social media circles or at a minimum imposing restrictions on what they can access. Additionally, it is important to turn off GPS tracking on one’s mobile devices (cell phone, I-Pads, Windows Tablets, etc.) as well as for digital cameras (Digital cameras will embed GPS coordinates in the meta-data of image files created). If it appears that their former partner is still gaining access to them or following them they may wish to either get new devices or have their old ones checked for monitoring software (this can be costly but effective). In cases where violence occurred, victims need to immediately stop using their devices until they are deemed safe and gain access to new or trusted devices. In all cases where DDV is occurring victims need to contact law enforcement and seek help from resources such as those listed below. Obviously, victims should not use an untrusted device to make these contacts as their attacker may be monitoring them. (The National Domestic Violence Hotline is 1-800-799-7233 TTY: 1-800-787-3224).

Resources

Daily Tip: How to turn off GPS geo-location for iPhone photos, protect your privacy

Digital Harassment Is the New Means of Domestic Abuse

How to Turn Off GPS on a Cell Phone

How to Turn off GPS on the iPhone

How to Turn Off Location Services on an iPad

Minnesota Center Against Violence and Abuse

National Coalition Against Domestic Violence

Privacy and Domestic Violence

Smartphone Pictures Pose Privacy Risks

The National Domestic Violence Hotline

Turn Off Your Smartphone Camera’s GPS to Protect Your Privacy

What is Digital Abuse?